<?php
		include("dbconn.inc");
		include("dbfuc.inc");
		include("session.inc");		
		$user=$_SESSION["user"];
		$curid=$_SESSION["curid"];
		$randam= rand(5, 100000);
		$_SESSION["session_pointtransfer_random"]=$randam;
		$dbconnection=$_SESSION["dbconnection"];		
	if(session_is_registered("dbconnection") )
	{
	
?>
<html>
<head>
<title>Untitled Document</title>
<style type="text/css">
<!--
body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
}
.style19 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; color: #666666; }
.style20 {	font-size: x-small;
	font-weight: bold;
	color: #000000;
}
.style22 {	font-family: Verdana, Arial, Helvetica, sans-serif;
	font-size: 12px;
	color: #FFFFFF;
	font-weight: bold;
}
body,td,th {
	color: #333333;
}
.style23 {color: #000000; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: x-small; }
.style24 {color: #000000}
.style25 {font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; color: #000000; font-weight: bold; }
-->
</style>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></head>
<body>
<?php include "allheader.php"  ?>	

<?php
		if(($user!="") && (($curid!="") || ($curid!=0)))
		{
			$sql="";	
			$transfer_points=$HTTP_POST_VARS["txtTransferpoint"];
			$transfer_points=trim($transfer_points);
			$tran_user=$HTTP_POST_VARS["txtUsername"];
			$tran_user=trim($tran_user);
			
//ACCOUNT PIN DTLS
			$pin1=$_REQUEST["pin1"];
			$pin2=$_REQUEST["pin2"];
			$pin3=$_REQUEST["pin3"];
			$pin4=$_REQUEST["pin4"];
			$accountpin=$pin1.$pin2.$pin3.$pin4;
//inserting requested values into session

			$_SESSION['transfer_points']=$transfer_points;	
			$_SESSION['tran_user']=$tran_user;	
			$_SESSION['id']=$id;	
			
		
			$sql="select N_POINT from POINT_MASTER where N_ID=$curid ";
			$result=mysql_query($sql);
			$rownum=mysql_num_rows($result);
			if($rownum >0)
			{
				$rownum=$rownum-1;
				$current_point=mysql_result($result,$rownum,"N_POINT");
			
			}
//validation			
			if(checkString($transfer_points))  {
				$errcount=$errcount+1;
				$errortable[$errcount]="Invalid  Transfer point Entry in Point transfer(Empty)"; 
			}
			else if(checkInt($transfer_points))  {
						$errcount=$errcount+1;
						$errortable[$errcount]="Invalid  Transfer point Entry in Point transfer(Numeric Only)"; 
					}
				
			
//balance checking
	if($transfer_points < 200)
	{
		$errcount=$errcount+1;
		$errortable[$errcount]="Transfer point is less than minimum(200) transfer points(Invalid attempt)"; 
	}	
	else if($transfer_points > $current_point)
	{
		$errcount=$errcount+1;
		$errortable[$errcount]="Transfer point is greater than current points(Invalid attempt)"; 	
   }
   
//transfer user checking   
	if(checkString($tran_user))  {
				$errcount=$errcount+1;
				$errortable[$errcount]="Invalid  Transfer Username Entry in Point transfer(Empty)"; 
	}
   else
   {			
		$sql="select pn_id,C_FIRM_NAME,C_FNAME,C_ADDR1,C_ADDR2,C_ADDR3 from mlm_master b ,mlm_address_dtl a  where b.pn_id=a.n_id and  c_username='$tran_user'";
		$result=mysql_query($sql);
		$rownum=mysql_num_rows($result);
		if($rownum >0)
		{
			$rownum=$rownum-1;
			
			$expiredate=mysql_result($result,$rownum,"C_FIRM_NAME");
			$c_fname=mysql_result($result,$rownum,"c_fname");
			$joindate=mysql_result($result,$rownum,"C_ADDR1");
			$joindate=mysql_result($result,$rownum,"C_ADDR2");
			$joindate=mysql_result($result,$rownum,"C_ADDR3");
			$id=mysql_result($result,$rownum,"pn_id");
			
		}
		else
		{
			$errcount=$errcount+1;
			$errortable[$errcount]="Invalid  Transfer Username Entry in Point transfer(Invalid Username)"; 

	   }			
	}
//account pin checking
		$sql="select c_username from mlm_master where pn_id=$curid and C_ACCOUT_PIN='$accountpin' ";
		$result=mysql_query($sql);
		$rownum=mysql_num_rows($result);
		if($rownum >0)
		{
			$rownum=$rownum-1;
			$username=mysql_result($result,$rownum,"c_username");
			$account_flag=true;
		}
		else
		{
			$errcount=$errcount+1;
			$errortable[$errcount]="Invalid account pin entry in password change (not matching)"; 
		}	
	//displaing errors
		    if($errcount >0) {
			
			  echo "<br>";
			  echo "<br>";		
              echo "<div align='center'><font size='3' face='Verdana, Arial, Helvetica, sans-serif'><b>Following errors occured</b></font><br><br></div>";
			  echo "<table width='80%' border='0' cellspacing='0' cellpadding='0' align='center'>";
			  for($i=1;$i<=$errcount;$i++) {
                                echo "<tr>"; 
                                echo "<td width='7%'><div align='middle'><font face='Verdana, Arial, Helvetica, sans-serif'><font size='1'><font size='2'><font size='2'><b>".$i."</b></font></font></font></font></div></td>";
                                echo "<td width='93%' align='left' valign='middle'> <font face='Verdana, Arial, Helvetica, sans-serif' size='2'>".$errortable[$i]."</font></td>";
                                echo "</tr>";
		      }
		     echo"<tr>";
		     echo"<td colspan='2' height='20'>"; 
		     echo"<br>";
      	     echo"<div align='center'><b><a href='javascript:history.back();'><font face='Verdana, Arial, Helvetica, sans-serif' size='2'>back</font></a></b></div>";
		     echo"<br>";
		     echo"<br>";
		     echo"</tr>";

		}
		else
		{
?>

              <form name="form1" method="post" action="save_point_transfer.php">
               <input type="hidden" value="<?php echo $randam ?>" name="hidrandam">
			   <table width="501" border="1" align="center" cellpadding="4" cellspacing="4" bordercolor="#666666">
                 <tr>
                   <td colspan="4" bgcolor="#F9F9F9" class="style19"><span class="style20"> Point Transfer Details:-</span></td>
                 </tr>
                 <tr>
                   <td height="30" class="style23">Current Balance:</td>
                   <td width="326" colspan="2" class="style22"><span class="style24"><?php echo $current_point?></span></td>
                 </tr>
                 <tr>
                   <td width="141" height="30" class="style23">Transfer Point:</td>
                   <td colspan="2" class="style22"><span class="style24"><?php echo $transfer_points?></span></td>
                 </tr>
                 <tr>
                   <td height="30" class="style23">Transfer Username:</td>
                   <td class="style25"><?php echo $tran_user?><br>
                       <?php echo $C_FIRM_NAME?>&nbsp;<?php echo $C_FNAME?><br>
                     <?php echo $C_ADDR1?>,<?php echo $C_ADDR2?>,<?php echo $C_ADDR3?><br>
                     <?php echo $C_CITY?></td>
                 </tr>
               </table>
			   <div align="center"><br> 
		         <input type="submit" name="Submit" value="Submit">
		        </div>
              </form>


		
<?php	
		//echo $user;


		}
	}
?>
</body>
</html>
<?php
	}
	else
	{
		$errormsg="Your session is expeired. Please login again.";
		header("location: index.php?error=$errormsg");
	}

?>	
